|
307031
|
7.8 |
HIGH
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-46953
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307032
|
7.8 |
HIGH
Local
|
artifex
debian
|
ghostscript
debian_linux
|
An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-46952
|
2024-11-14 11:01 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307033
|
- |
|
-
|
-
|
In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. Th…
|
-
|
CVE-2024-43093
|
2024-11-14 11:00 |
2024-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307034
|
7.8 |
HIGH
Local
|
artifex
|
ghostscript
|
An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.
|
CWE-22
Path Traversal
|
CVE-2024-46954
|
2024-11-14 10:58 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307035
|
5.5 |
MEDIUM
Local
|
artifex
debian
suse
|
ghostscript
debian_linux
linux_enterprise_high_performance_computing
linux_enterprise_server
linux_enterprise_server_for_sap
|
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-46955
|
2024-11-14 10:53 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307036
|
6.1 |
MEDIUM
Network
|
microsoft
|
nugetgallery
|
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HT…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47604
|
2024-11-14 08:17 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307037
|
7.5 |
HIGH
Network
|
siemens
|
simatic_cp_1543-1_firmware
|
A vulnerability has been identified in SIMATIC CP 1543-1 V4.0 (6GK7543-1AX10-0XE0) (All versions >= V4.0.44 < V4.0.50). Affected devices do not properly handle authorization. This could allow an unau…
|
CWE-863
Incorrect Authorization
|
CVE-2024-50310
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307038
|
7.3 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications suffer from a DLL hijacking vulnerability. This could allow an attacker to execute…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-47942
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307039
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47941
|
2024-11-14 08:15 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307040
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge_se2024
|
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9). The affected applications contain an out of bounds read past the end of an allocated structure while parsing…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-47940
|
2024-11-14 08:14 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
